Content playback method and recording and playback device

ABSTRACT

Where a follow-up playback is realized for content data that is recorded by changing an encryption key at predetermined intervals for copyright protection, fast feed and playback operations are provided that can get close to a video scene of a present point of time. There are two areas on the memory in which to manage key information. The key information and seed information being written into a hard disk drive are held in memory in order to allow access to the key information and seed information even as they are written.

INCORPORATION BY REFERENCE

The present application claims priority from Japanese applicationJP2007-069761 filed on Mar. 19, 2007, the content of which is herebyincorporated by reference into this application.

BACKGROUND OF THE INVENTION

The present invention relates to a content playback method and arecording and playback method that use content storage media with acopyright protection function, especially removable content storagemedia

Digital broadcasting in recent years encrypts content data by adding alimiting signal, such as “copy once” signal, to it from the standpointof copyright protection. Compatible recorders therefore encrypt contentdata on their own and store it on a hard disk drive to prevent anillicit use of or inadvertent leak of the content data due to humanerrors. When content data recorded in a hard disk drive is written intoa DVD or Blue-ray Disk, the content data stored in the hard disk driveis deleted (by a move function), thus conforming to a rule of “copyonce”.

However, there is a problem with this method. That is, since a recorderencrypts content data on its own, a removable hard disk drive cannot beused, which is inconvenient to the user. Under this circumstance, aremovable hard disk drive “Secure iVDR” with a copyright protectionfunction has become available on the market. The Secure iVDR has afunction of independently managing usage passes, which include encryptedcontent data and its decryption key, a function of protecting storedusage passes against illicit access, and a function of transferringusage passes with a PKI-based bidirectional authentication, and realizesa copyright protection of content data which have been separately storedfrom the usage passes.

Further, for music players to play music content and for video playersto play video content, specifications have been defined using thiscontent copyright protection function. In the case of a video player, alogical block of contiguous 3072 bytes obtained by dividing a videostream is called an access unit (AU) and encryption is performed inunits of AU. A logical block of contiguous 512 AUs is called anallocation unit (ALU), which constitutes a minimum unit in which videodata is encrypted by one usage pass. In realizing a move function forcontent data, the Secure iVDR is required to change the usage pass inless than one minute, considering the fact that the time during whichcontent data are allowed to overlap each other is less than 1 minute(see Recording and Playback Device for iVDR—TV recording specification(http://www.safia-1b.com/).

In a recorder using such a Secure iVDR, a normal playback is realized byperforming a mutual authentication between a recorder body and theSecure iVDR, establishing an encrypted communication path using a usagepass transfer protocol between the recorder body and the Secure iVDR,safely reading the usage pass, decrypting separately read encryptedcontent data with an encryption key saved in the usage pass, andtransferring the decrypted data to a decoder. However, since therecorder body and Secure iVDR use a built-in CPU, there is a possibilitythat safely writing/reading the usage pass may take much time.

On the other hand, a hard disk recorder in general can simultaneouslyplay a content that is being recorded in a mode called a follow-upplayback. This type of viewing is done when the user temporarily leavesa television he is watching. On leaving the TV, the user starts thismode of recording and, when he returns, resumes viewing the video fromwhere he left off. In this type of viewing, it is considered necessaryto get the playback state as close to the currently broadcast state aspossible (or to catch up with the current broadcast state).

In the Secure iVDR or removable hard disk drive, a recording needswriting the usage pass into a hard disk drive and a playback requiresreading the usage pass from the hard disk drive.

For example, in JP-A-2005-285287, since the follow-up playback isperformed by using a content key held in a content key generation modulewithout reading the content key from the storage medium hard disk, thekey information is held in memory.

The follow-up playback is a playback that reads content data recorded ina hard disk drive.

Under these premises, to realize a catch-up, it is necessary for theplayback processing side to be able to successively locate a currentrecording position (hard disk writing position). In this case, it ispossible to get close even to the unit data block being written into thehard disk.

Further, when the Secure iVDR is used, the playback processing side mustalso be able to safely use the content data key information usage pass.For this purpose, one method may involve, as in normal processing,writing a usage pass into a hard disk drive and reading it. However,since this operation is executed by a CPU built into the Secure iVDR,the writing/retrieval of the usage pass takes time. If, for example, ittakes a few seconds, the playback that can be realized can only play thecontent data lagging the currently broadcast state with a delay of a fewseconds. So, the catch-up cannot be realized.

In JP-A-2005-285287, since the playback is performed by using a contentkey held in the content key generation module, an overhead of readingthe content key from the hard disk drive can be eliminated. However,JP-A-2005-285287 provides one encryption key for the content data anddoes not contemplate a situation where the content key may change in aplayback time of as short as one minute.

If the content key is to be saved always in memory, it is necessary, inthe case of 120-minute content data for example, to have at least 120pieces of key information. Each piece of key information needs at least64 B, so about 8 kB of memory is required. If information on this memoryshould leak, a decryption key for entire content data can becomeavailable for a third person, which poses a security problem.

Further, if an arrangement is made to hold only one encryption key inmemory and, when recording is finished, store it in the hard disk drive,the catch-up time cannot be made less than one second at the timing ofwriting the encryption key because the writing takes time (of the orderof seconds).

SUMMARY OF THE INVENTION

To overcome the above problem, two areas are provided on the memory tomanage the key information. Further, the key information and seedinformation being written into the hard disk drive are held on thememory in order to allow access to the key information and seedinformation even as they are being written.

More specifically, the above problem is solved by the following means.

A device provided to record and play back content data requiringcopyright protection, comprises: a storage medium having a first areaand a second area, the first area being used to store anencryption/decryption key after the content data is encrypted bychanging an encryption key at a predetermined frequency, the second areabeing used to store the content data via an encrypted communication paththat is established after a decryption key for decrypting the encryptedcontent data is verified; and a CPU to execute programs and a memory;wherein when the content data is recorded in the storage medium, a firstdecryption key to decrypt the content data is generated and held on thememory; wherein when, with the elapse of the predetermined period, anencryption key for the content data is changed, a second decryption keyis generated and held on the memory; wherein an identifier of the firstdecryption key and a range of decryption are stored in the first area ofthe storage medium, an authentication is executed between the storagemedium and the device, an encrypted communication path is established,and the decryption key and the identifier are written into the secondarea; wherein when the writing of the decryption key and the identifieris completed, the first decryption key is discarded from the memory;wherein, when the content data being recorded is played or fast-fed, ifthe decryption key corresponding to a playback position is the firstdecryption key or the second decryption key on the memory, the contentdata is decrypted by using the first or second decryption key, or if thefirst decryption key or the second decryption key on the memory does notmatch the playback position, an identifier of a decryption key isextracted from the range of decryption in the first area of the storagemedium; wherein an authentication is performed between the storagemedium and the device, an encrypted communication path is established,and a decryption key corresponding to the identifier is read from thesecond area to decrypt the content data, thus performing playback orfast-feed of the content data.

The storage medium is removable.

A content playback method is provided which comprises the steps of: incontent data recording processing, generating a key for encrypting thecontent data; generating a first key for decrypting the encryptedcontent data and storing it on a memory; encrypting the content data andrecording the encrypted content data in a storage medium; monitoring acontent recording time, updating the encryption key at a predeterminedfrequency and storing on the memory the corresponding second decryptionkey; performing an authentication of the storage medium, establishing anencrypted communication path and writing the first key into the storagemedium; in content data playback processing or fast feed processing,determining whether the first key and the second key can be used as adecryption key for content that is to be played back or fast fed; ifthey can be used, decrypting content data by the first key or the secondkey; if they cannot be used, authenticating the storage medium,establishing an encrypted communication path and reading a correspondingkey; and decrypting the content data using the key read out.

With this invention, when a removable content storage media with acopyright protection function (high level of security) is used, afollow-up playback can be realized that can get very close to thecurrent broadcast state, with little possibility of leak of keyinformation.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a configuration of a content recording and playback deviceand a removable hard disk drive with a copyright protection functionaccording to one embodiment of this invention.

FIG. 2 shows programs involved in a follow-up playback operation of thecontent recording and playback device according to the embodiment.

FIG. 3 shows an example structure of a key information management area.

FIG. 4 shows an example flow of recording processing.

FIG. 5 shows an example flow of key information update processing.

FIG. 6 shows an example flow of playback processing.

FIG. 7 shows an example flow of fast feed processing.

DESCRIPTION OF THE INVENTION

One embodiment of the present invention will be explained by referringto FIG. 1 through FIG. 7.

FIG. 1 shows a configuration of a content recording and playback device110 that embodies the present invention. The content recording andplayback device 110 comprises a tuner I/F 111 connecting to a digitalbroadcast receiving tuner, an encoder/decoder 113 to encode thebroadcast received from the tuner I/F and decode information read fromthe hard disk drive, a remote controller I/F module 117 to accept ademand from a remote controller operated by the user, a ROM 115 in whichto store programs, a CPU 116 to execute the programs, a RAM 114necessary for program operation, and a hard disk I/F module 118,connected to a removable hard disk drive (Secure iVDR) 100 with acopyright protection function and having a buffer memory 121 totemporarily store content data, and an internal bus 119 connectingthese. The tuner I/F 111, encoder/decoder 113, CPU 116 and hard disk I/Fmodule 118 are connected together by a bus 120 dedicated for contentdata.

The hard disk drive 100 comprises a host I/F module 101 connected to thehard disk I/F module 118; a hard disk storage module 105 to store data;a hard disk controller 102 to control a spindle that rotates recordingdisks (platters) making up the hard disk storage module 105 by anelectric motor and an arm/actuator that drives a read/write head to andfrom; a ROM 104 to store programs to be executed by the hard diskcontroller; and a RAM 103 to store data temporarily.

The hard disk storage module 105 comprises a tampering prevention area106 and a general data area 107. The tempering prevention area 106stores a file 140 containing device verification information and contentencryption/decryption key information. The general data area 107 storesa content data file 141 for each recorded program, a content descriptioninformation file 142 to manage information such as program names andrecording times, a content key information file 143 to manage keyinformation and information on a range of content covered by the key,and a content time information file 144 to manage I frame time andposition information.

Although FIG. 1 shows a built-in type configuration, other configurationmay be employed in which the user can easily remove the hard diskmodules from slots. Another configuration is also possible in which evena built-in type hard disk module can easily be taken out by opening acubicle of the hard disk drive.

The ROM 104 in the hard disk drive 100 stores programs to be executed bythe hard disk controller, i.e., general data area read/write processing130, verification processing 131 on a device to which the hard diskdrive is connected, and tampering prevention area read/write processing132.

In this embodiment, the hard disk storage module 105 is provided withthe tampering prevention area 106 so that an area to be accessed can beselected by the hard disk controller 102. It is also possible toseparately provide a secure module having, for example, verificationprocessing, tampering prevention area read/write processing and atampering prevention area.

FIG. 2 shows programs for recording and playback operations in thecontent recording and playback device 110 connected to a removable harddisk drive 100 with a copyright protection function.

Processing to execute the recording and playback operations when thecontent recording and playback device 110 is connected to the removablehard disk drive 100 with a copyright protection function are: a user I/Fmodule 200 to select processing to be executed, upon receiving controlfrom a remote controller; recording processing 400 to execute recording;encryption processing 205 executed in the recording processing 400;content write processing 206 to write encrypted content data into thehard disk storage module in the hard disk drive; playback processing 600to execute playback; content read processing 208 in the playbackprocessing 600 to read encrypted content data from the hard disk storagemodule of the hard disk drive; decryption processing 207 to decrypt thecontent data read out; fast feed processing 700; authenticationprocessing 201 to execute mutual authentication between the hard diskdrive 100 and the content recording and playback device 110; key writingprocessing 203 to generate key information corresponding to the contentduring recording and write the key information in the tamperingprevention area 106 in the hard disk storage module 105 of the hard diskdrive 100; key reading processing 202 to read key information from thetampering prevention area 106 in the hard disk storage module 105 of thehard disk drive 100 during playback; and key update processing 500 toupdate key for recording.

In the Secure iVDR, the key information is called usage pass.

FIG. 3 shows a configuration of a key information management area 300.

Although in FIG. 1 the key information management area 300 is located onthe RAM 114, it may be put on a part of the buffer memory 121 of thehard disk I/F module 118.

There are provided two of the key information management areas 300.

The key information management area 300 has a flag 301, an identifier302, a start position 303 and an end position 304 of content data to beencrypted or decrypted, key information 305 and seed information 306.

The flag 301 has three states—a “free” state in which recordingprocessing is not used, a “using” state in which key information to beused for encryption is currently loaded in the key informationmanagement area 300, and a “writing” state in which the writingoperation is performed on the tampering prevention area 106 in the harddisk storage module 105 of the hard disk drive 100.

While in this embodiment an encryption key and a decryption key are thesame, they may be different keys. In that case, key information fordecryption and seed information need to be set in the key informationmanagement area 300.

The identifiers 302 are successively assigned “1” and subsequent numberswhen the content data recording starts.

To increase security, the key information may be encrypted and placed inthe management area so that it does not make sense unless it issubjected to the key reading operation and the key writing operation. Inthat case, if the key information management area should be read outillicitly, the key information cannot be made available unless theprogram processing is analyzed.

Further, at time of initialization the key information management area300 has its flag set to “free” and other items to “0”.

Now, a processing flow of the follow-up playback will be explained byreferring to FIG. 4 through FIG. 7.

When the user selects a follow-up playback, a recording of a selectedchannel is started. At this time, a video on a display is halted. Inthis state, selecting a user playback starts a playback from the haltedstate. A fast feed can be done from the playback mode. In that case, itis necessary to get as close to the current broadcasting state aspossible (or to catch up with the current broadcasting state). When thefast feed comes near the current recording point, the fast feed changesto a normal playback.

The user selects a desired channel on a remote controller and also afollow-up playback. The user I/F module 200 accepts a user demand,decides that a recording for the follow-up playback is started, startsthe recording processing 400 and at the same time stops the replayedvideo on the display.

When the recording processing 400 is started, content data, that isgenerated by encoding into a format of MPEG2TS (Moving Pictures ExpertsGroup 2 Transport Stream) through the encoder 113 a video of thecorresponding channel of the digital broadcast received through thetuner I/F 111, is automatically accumulated in the buffer memory 121 ofthe hard disk I/F module 118 through the content data dedicated bus 120.

A flow of the started recording processing 400 will be explained byreferring to FIG. 4. First, key generation processing 204 is started torequest the generation of key information and seed information requiredfor encrypting content data (step 401).

Next, a key information management area 300 is set (step 402). Morespecifically, the key information and seed information are written intothe key information management area 300. The flag 301 is set to “using”and the identifier 302 to “1”. Two of the key information managementareas 300 are used alternately.

Here, as the start position 303 an ALU identifier “1” is written and theend position is written with “0” (step 403). As the recording isstarted, the ALU identifiers are successively assigned consecutivenumbers, beginning with “1”. And in units of ALU, the content encryptionprocessing 205 and the writing into the hard disk drive 100 areexecuted. In this embodiment, processing is executed, one ALU (1.5 MB)at a time.

Although the management is executed in units of ALU, it is also possibleto determine the start position and the end position in terms of offset(in bytes) from the recording start, without regard to the ALU unit.

Content data is analyzed and I frame of MPEG2TS is extracted. At thesame time a playback time added by the encoder 113 is read out. When Iframe is extracted, an offset from the head of an area where the I frameis stored and a playback time are written into the content timeinformation file 144 (step 403).

The playback time of the content data is monitored (step 4040). If anelapsed time exceeds one minute, the key update processing 500 isexecuted (step 500).

The encryption processing 205 is started to encrypt the content dataaccumulated in the buffer memory 121 in units of ALU (step 205). In thiscase, the key information and seed information are notified. Thisinformation notification at the start of the encryption processing maynot be done, unless there is any change. If the encryption processing205 is initiated following the start of the key update processing 500,new key information and seed information are notified again.

The content data that has been encrypted is written as a content datafile 141 into the general data area 107 of the hard disk storage module105 of the hard disk drive 100 (step 206). In writing first contentdata, the content data file 141 is opened and its file name is stored asa content description information file 142.

When the writing operation is complete, the value of the end position304 of the key information management area 300 is incremented (step405).

A flow of the key update processing 500 will be explained by referringto FIG. 5. In the key update processing 500, the flag 301 of the keyinformation management area 300 is set to “writing” (step 501).

Next, the key generation processing 204 is started (step 502) and thesetting of the key information management area 300 is made as follows(step 503). Key information and seed information necessary forencrypting content data are written into the key information managementarea 300 whose flag is “free”. Its flag 301 is set to the “using” state.The start position 303 and end position 304 of the key informationmanagement area 300 are assigned the value of the end position 304 ofanother key information management area 300 (whose flag 301 is“writing”), and the start position 303 is increased by “1”.

The identifier 302 of the key information management area 300 isassigned the value of an identifier 302 of another key informationmanagement area 300 (whose flag 301 is “writing”) incremented by “1”.

Next, the key writing processing 203 is instructed to write into thetampering prevention area 106 (step 504).

Next, the information of the key information management area 300excluding the flag 301, key information 305 and seed information 306 iswritten into the content key information file 143 (step 505).

If this is the first time that the recording is started, the file isopened for writing. With the above sequence of steps taken, the keyupdate processing 500 is completed and the control returns to therecording processing.

The key writing processing 203, in cooperation with the tamperingprevention area read/write processing 132 in the hard disk drive 100,performs writing into the tampering prevention area 106. Morespecifically, it executes authentication, establishes an encryptedcommunication path, exchanges key information over the communicationpath, and writes information of the key information management area 300excluding the flag as the key information in the tampering preventionarea 106.

When the writing is finished, the flag 301 of the written keyinformation management area 300 is changed to “free” before terminatingthe processing. In this way the recording processing is continued.

When the user demands a stop from a remote controller, the recordingprocessing 400 that has accepted the demand through the user I/F module200 initiates stop processing. Data accumulated in the buffer memory 121is subjected to the recording processing and the recording time iswritten into the content description information file 142. Then, thecontent data file 141, content key information file 143, content timeinformation file 144 and content description information file 142 areclosed. The key information management area 300 is set to theinitialized state.

Processing to be executed when a playback is started while a recordingis performed in the follow-up playback mode (with the video on a displayhalted) will be explained.

Upon receiving a playback request from the user operating the remotecontroller, the user I/F module 200 starts the playback processing 600to perform a playback for the follow-up playback operation.

A flow of the playback processing 600 will be described by referring toFIG. 6. Upon receiving a playback request, the playback processing 600retrieves a current playback time from the decoder 113 (step 601).

To determine the position of the content data to be played, the playbackprocessing 600 retrieves, from the corresponding content timeinformation file 144, an offset from the head of an area where the Iframe closest to the playback time is stored (step 602).

The reading and decryption of content data are performed in units ofALU. The following steps are executed successively to meet the playbacktime. The first processing may not satisfy the ALU size. In that case,the processing is executed in a size less than ALU.

An ALU identifier that stores the content data to be read out isdetermined from the offset (i.e., a value obtained by rounding downfractions of a number determined from offset/1.5 MB) (step 603).

Next, from the start position 303 and end position 304 of two keyinformation management areas 300, a check is made as to whether the keyinformation 305 and seed information 306 of interest exist (step 604).

If they exist, the control moves to content reading processing.

If not, an identifier of the associated key information is searchedthrough the content key information file 143 (step 606).

The key reading processing 202 is called to read key information andseed information corresponding to the searched key informationidentifier. In cooperation with the tampering prevention area read/writeprocessing 132 in the hard disk drive 100, the key reading processing202 performs reading from the tampering prevention area 106. Morespecifically, it executes authentication, establishes an encryptedcommunication path, and reads the key information and seed informationof the tampering prevention area 106 over the communication path (step202).

In parallel with the above steps, the key reading processing 202 readsthe corresponding content data onto the buffer memory 121 (step 208).

When the reading of the key information and seed information and thereading of the content data in ALU units are completed, the decryptionprocessing 207 is started (step 207).

Decrypted data is sent to the decoder 113 which starts to play thecontent data (step 605).

Next, processing executed when a user fast feed is requested during theplayback state will be explained by referring to FIG. 7. Upon receivinga playback request from the user operating the remote controller, theuser I/F module 200 notifies the playback processing 600 of the fastfeed request during the follow-up playback.

When it receives a fast feed request during playback, the playbackprocessing 600 first discards the content data stored in the buffermemory 121 and the content data being decrypted in order to nullify thecontent data currently undergoing the playback processing (step 701).

The current playback time is retrieved from the decoder 113 (step 702).I frame to be displayed is selected (step 710). Selection of I frame isperformed in a procedure described in the playback processing.

An ALU identifier where the I frame is stored is determined (step 703).The I frame may spread over two or more ALUs.

From the start position 303 and end position 304 of two key informationmanagement areas 300, a check is made as to whether the key information305 and seed information 306 of interest exist (step 704).

If they do not exist, an identifier of the associated key information issearched through the content key information file 143 (step 706).

The key reading processing 202 is called to read key information andseed information corresponding to the searched key informationidentifier. In cooperation with the tampering prevention area read/writeprocessing 132 of the hard disk drive 100, the key reading processing202 performs reading from the tampering prevention area 106. Morespecifically, it executes authentication, establishes an encryptedcommunication path, and reads the key information and seed informationof the tampering prevention area 106 over the communication path (step202).

In parallel with the above steps, the key reading processing 202 readsthe selected I frame from the content data file (step 208).

When the reading of the key information and seed information and thereading of the I frame in ALU units are completed, the decryptionprocessing 207 is started (step 207).

Decrypted data is sent to the decoder 113 which starts to play thecontent data (step 705).

I frame selection processing (710) will be explained.

It is assumed in the following that a playback is performed at anX-times speed and a fast feed at Y frames/second and that a playbacktime is T. When the processing is started for the first time, T is setwith the playback time read from the decoder.

An offset of I frame closest to T is determined from the associatedcontent time information file 144 (step 711).

If an offset of the corresponding I frame is not found, the fast feed isstopped and the control returns to the playback processing (step 712,714).

To determine the time required for playback, X/Y is added to theplayback time T. It is noted, however, that if the addition has alreadybeen executed (Y−1) times, X is added to T (step 713).

With the above sequence of steps taken, the encryption/decryption keyfor content data is updated in one minute. So, if the storing of the keyinformation and seed information into a hard disk drive should taketime, the latest key information and seed information can be obtainedvia memory, making it possible to perform the follow-up playbackprocessing in units of ALU. As a result, in high-definition video (at aplayback speed of about 25 Mbps), a catch-up operation that gets asclose as 0.06 second at maximum can be realized.

It should be further understood by those skilled in the art thatalthough the foregoing description has been made on embodiments of theinvention, the invention is not limited thereto and various changes andmodifications may be made without departing from the spirit of theinvention and the scope of the appended claims.

1. A device to record and play back content data requiring copyrightprotection, comprising: a storage medium having a first area and asecond area, the first area being used to store an encryption/decryptionkey after the content data is encrypted by changing an encryption key ata predetermined frequency, the second area being used to store thecontent data via an encrypted communication path that is establishedafter a decryption key for decrypting the encrypted content data isverified; and a CPU to execute programs and a memory; wherein when thecontent data is recorded in the storage medium, a first decryption keyto decrypt the content data is generated and held on the memory; whereinwhen, with the elapse of the predetermined period, an encryption key forthe content data is changed, a second decryption key is generated andheld on the memory; wherein an identifier of the first decryption keyand a range of decryption are stored in the first area of the storagemedium, an authentication is executed between the storage medium and thedevice, an encrypted communication path is established, and thedecryption key and the identifier are written into the second area;wherein when the writing of the decryption key and the identifier iscompleted, the first decryption key is discarded from the memory;wherein, when the content data being recorded is played or fast-fed, ifthe decryption key corresponding to a playback position is the firstdecryption key or the second decryption key on the memory, the contentdata is decrypted by using the first or second decryption key, or if thefirst decryption key or the second decryption key on the memory does notmatch the playback position, an identifier of a decryption key isextracted from the range of decryption in the first area of the storagemedium; wherein an authentication is performed between the storagemedium and the device, an encrypted communication path is established,and a decryption key corresponding to the identifier is read from thesecond area to decrypt the content data, thus performing playback orfast-feed of the content data.
 2. A recording and playback deviceaccording to claim 1, wherein the storage medium is a removablerecording and playback device.
 3. A content playback method comprisingthe steps of: in content data recording processing, generating a key forencrypting the content data; generating a first key for decrypting theencrypted content data and storing it on a memory; encrypting thecontent data and recording the encrypted content data in a storagemedium; monitoring a content recording time, updating the encryption keyat a predetermined frequency and storing on the memory the correspondingsecond decryption key; performing an authentication of the storagemedium, establishing an encrypted communication path and writing thefirst key into the storage medium; in content data playback processingor fast feed processing, determining whether the first key and thesecond key can be used as a decryption key for content that is to beplayed back or fast fed; if they can be used, decrypting content data bythe first key or the second key; if they cannot be used, authenticatingthe storage medium, establishing an encrypted communication path andreading a corresponding key; and decrypting the content data using thekey read out.